Similar Posts
How hackers used little-known credit-card feature to defraud Lansdale woman, $1.99 at a time
ByKayne
“It’s low effort for them. Once they set up the subscription and unless the subscription is canceled, they don’t have to do any other work and they can resell access to that subscription,” he said. “So it’s a guaranteed line of profit for them until somebody goes and notices there’s been a problem.”
Criminals typically resell access to the services on secondary markets, McGladrey said. Criminals may resell a streaming service that’s normally $10 per month for $5, netting the thieves $5 monthly. While a single crime is not that profitable, there have been cases where groups have reaped millions of dollars by charging small amounts to hundreds of thousands of consumers, he said.
Users are the target: How employees can be the strongest line of defense
ByKayne
Recognizing that fact, Kayne McGladrey, director of security and information technology at Pensar Development, an engineering consultancy in Seattle, says continuously phishing end users is the best way to help them identify phishing and other potentially malicious content. “This continuous exposure [to phishing] should take a variety of forms, from email-based phishing to direct messages on social media.”
McGladrey says short, actionable, culturally relevant education initiatives on a regular schedule are recommended because “users don’t want to sleep through the mandatory ‘October is cybersecurity month,’ two-hour, PowerPoint presentations.”
Pro-China Operatives Push Protests, Pandemic Conspiracies
ByKayne
“We can anticipate that any nation-state with a propaganda department or agency is working to right-size their capabilities to spread disinformation.” It’s especially true, he adds, among nation-states with larger budgetary allocations since they can use automation and “office employees” to distribute the narratives.
SEC Cyber Risk Disclosures: What Companies Need to Know
ByKayne
In this video interview with Information Security Media Group at the Cybersecurity Implications of AI Summit, McGladrey also discussed:
Why companies should use tools and software to collect and automatically gather evidence of compliance;
The consequences of false cyber risk disclosures;
The impact that SEC requirements have on private companies and supply chains.
The SMB Mission: Data Security Without Compromising User Productivity
ByKayne
“Tying data security to user identities is the easiest, lowest-effort way to modernize security for small to medium businesses,” says Kayne McGladrey (@kaynemcgladrey), cybersecurity strategist at Ascent Solutions (@meetascent). “Establishing data security based on user identity means that data remains secure regardless of storage location or medium.”
Noberus Amps Its Tactics: How IT Leaders Can Keep Up with Evolving Ransomware
ByKayne
The updates to Noberus are concerning but expected. “This is the new normal. Criminal groups will continue to reinvest part of their profits in research and development to drive the innovation cycle of development and distribution of their unwanted products,” says Kayne McGladrey, field CISO at Hyperproof.